Upgrade RHEL:8 kernel-tools-libs-devel to version 0:4.18.0-372.9.1.el8 or higher. This issue was patched in RHSA-2022:1988 .

ldapjdk vulnerabilities

Known vulnerabilities in the ldapjdk package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Out-of-bounds Write	<0:4.24.0-1.module+el8.10.0+1816+f1a7c8eb
M Improper Resource Shutdown or Release	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M CVE-2020-1938	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M HTTP Request Smuggling	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Improper Certificate Validation	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
H Incorrect Authorization	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
H Cleartext Storage of Sensitive Information	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
H XML External Entity (XXE) Injection	<0:4.23.0-1.module+el8.5.0+701+8dc610e5
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M CVE-2020-1695	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Cross-site Scripting (XSS)	<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a
M Memory Leak	<0:4.23.0-1.module+el8.5.0+701+8dc610e5

Vulnerability

Vulnerable Version

Out-of-bounds Write

<0:4.24.0-1.module+el8.10.0+1816+f1a7c8eb

Improper Resource Shutdown or Release

<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a

Cross-site Scripting (XSS)

<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a

CVE-2020-1938

<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a

HTTP Request Smuggling

<0:4.22.0-1.module+el8.4.0+418+b7ae1d4a